Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2026-39646
- EPSS 0.03%
- Veröffentlicht 08.04.2026 08:30:32
- Zuletzt bearbeitet 09.04.2026 16:16:29
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bozdoz Leaflet Map leaflet-map allows Stored XSS.This issue affects Leaflet Map: from n/a through <= 3.4.4.
5.4
CVE-2023-5050
- EPSS 0.16%
- Veröffentlicht 20.10.2023 07:15:17
- Zuletzt bearbeitet 08.04.2026 17:17:05
The Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers wi...
5.4
CVE-2021-24468
- EPSS 0.18%
- Veröffentlicht 02.08.2021 11:15:09
- Zuletzt bearbeitet 21.11.2024 05:53:07
The Leaflet Map WordPress plugin before 3.0.0 does not escape some shortcode attributes before they are used in JavaScript code or HTML, which could allow users with a role as low as Contributors to exploit stored XSS issues
1